Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/rLJvZxJ0aSyYN6-Q5Bw4kmxWFHU.roa
File: rLJvZxJ0aSyYN6-Q5Bw4kmxWFHU.roa (raw, json)
Hash identifier: U2r+gCiYsLemL0/mWy+RfQ59RnUuIGLS/QczZmHDy38=
Subject key identifier: AC:B2:6F:67:12:74:69:2C:98:37:AF:90:E4:1C:38:92:6C:56:14:75
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 018CC94E680D63FAAFBFD9A7158B57051C8A
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/rLJvZxJ0aSyYN6-Q5Bw4kmxWFHU.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14576
IP address blocks: 185.152.93.0/24 maxlen: 24
185.152.95.0/24 maxlen: 24
185.152.94.0/24 maxlen: 24
85.239.38.0/24 maxlen: 24
85.239.37.0/24 maxlen: 24
85.239.36.0/24 maxlen: 24
85.239.35.0/24 maxlen: 24
85.239.39.0/24 maxlen: 24
85.239.48.0/22 maxlen: 24
85.239.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 05:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:68:0d:63:fa:af:bf:d9:a7:15:8b:57:05:1c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acb26f671274692c9837af90e41c38926c561475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0b:3e:4e:ce:e0:c1:59:23:26:0a:36:ca:80:
fd:f2:6d:48:b6:44:2d:8c:0a:c3:ca:c8:e2:4a:0c:
84:8c:04:b9:c6:b4:c9:28:63:4d:db:b7:99:d1:68:
6e:bc:f5:47:ee:30:d4:52:3d:75:0d:ef:8a:34:74:
fd:d3:f5:0f:57:3a:77:8c:19:6e:ad:ae:45:b4:4d:
4d:ea:a7:67:3a:7a:39:66:71:4d:e5:0f:61:a8:02:
2d:1a:84:58:5d:7d:d3:eb:b0:5c:21:99:b8:8d:94:
15:87:61:d6:54:fa:c3:88:60:4c:15:cd:ce:58:b6:
01:cf:38:e3:fa:e6:25:50:5d:79:bd:61:8e:5c:81:
a8:aa:09:9e:5e:aa:4e:4f:78:14:73:4f:37:a3:7d:
77:b5:fe:98:61:93:c7:93:d4:ea:1b:5e:cf:a1:4e:
f9:b6:bb:71:2d:56:8d:30:fe:65:4a:ef:d2:e8:a0:
41:4f:a6:e4:aa:bc:a7:ce:bd:98:ea:00:ad:ea:e2:
71:1c:56:85:33:46:b1:a8:45:0c:d4:f4:31:61:8e:
8e:46:50:e7:e8:c6:40:33:f2:cc:26:1a:32:bb:31:
31:93:58:94:eb:34:9f:2e:cb:63:be:4f:c4:f8:36:
a3:e7:6c:7c:94:4e:02:b3:51:20:d3:cb:c5:70:e5:
b4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B2:6F:67:12:74:69:2C:98:37:AF:90:E4:1C:38:92:6C:56:14:75
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/rLJvZxJ0aSyYN6-Q5Bw4kmxWFHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.35.0-85.239.39.255
85.239.48.0/22
85.239.56.0/22
185.152.93.0-185.152.95.255
Signature Algorithm: sha256WithRSAEncryption
7a:2f:37:d0:bc:34:e2:da:15:85:ff:23:5b:b0:8d:96:06:58:
19:d5:8c:22:b8:69:a1:c0:89:fd:55:73:ba:f8:0a:53:af:4b:
75:7d:f1:33:a7:0d:a4:8b:ff:4a:65:2d:56:35:fa:ba:ae:2e:
24:c6:9b:88:e4:fc:b6:26:b8:67:de:69:52:a2:f2:3a:46:f7:
68:2a:bb:0a:97:d9:ac:40:6c:69:05:c0:5c:dd:3e:1c:3e:e0:
a2:fc:09:e9:bf:49:a5:6b:94:c8:01:e2:57:f9:39:76:61:cf:
ad:4c:49:84:5d:87:f7:4b:fd:13:8a:c5:89:bb:b5:ae:b6:67:
b0:bf:13:32:20:0e:a0:4b:96:93:ec:02:ec:fa:fa:2e:f7:6c:
54:c5:55:67:cc:12:03:65:c1:3d:c7:3b:86:a7:77:a1:4a:74:
08:5b:5d:33:01:44:42:8a:de:ae:e3:21:1d:29:be:ae:83:72:
17:eb:3e:8f:45:82:d6:24:98:e4:0a:fb:2a:36:e5:86:cd:69:
9d:37:06:3c:04:c0:69:77:c9:03:6a:e5:3a:79:20:e7:9d:5c:
16:fa:f5:bf:41:cd:e6:a8:e5:ca:cf:ed:5c:53:d3:47:fc:24:
97:2b:37:66:1a:93:8e:62:9c:18:a3:e0:48:9a:4c:5b:40:01:
09:61:73:e5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzJTmgNY/qvv9mnFYtXBRyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2IyNmY2NzEyNzQ2OTJjOTgzN2FmOTBlNDFjMzg5MjZjNTYxNDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7gs+Ts7gwVkjJgo2yoD98m1ItkQt
jArDysjiSgyEjAS5xrTJKGNN27eZ0WhuvPVH7jDUUj11De+KNHT90/UPVzp3jBlu
ra5FtE1N6qdnOno5ZnFN5Q9hqAItGoRYXX3T67BcIZm4jZQVh2HWVPrDiGBMFc3O
WLYBzzjj+uYlUF15vWGOXIGoqgmeXqpOT3gUc083o313tf6YYZPHk9TqG17PoU75
trtxLVaNMP5lSu/S6KBBT6bkqrynzr2Y6gCt6uJxHFaFM0axqEUM1PQxYY6ORlDn
6MZAM/LMJhoyuzExk1iU6zSfLstjvk/E+Daj52x8lE4Cs1Eg08vFcOW07QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKyyb2cSdGksmDevkOQcOJJsVhR1MB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvckxKdlp4SjBhU3lZTjYtUTVCdzRrbXhXRkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBABV7yMD
BANV7yADBAJV7zADBAJV7zgwDAMEALmYXQMEBbmYQDANBgkqhkiG9w0BAQsFAAOC
AQEAei830Lw04toVhf8jW7CNlgZYGdWMIrhpocCJ/VVzuvgKU69LdX3xM6cNpIv/
SmUtVjX6uq4uJMabiOT8tia4Z95pUqLyOkb3aCq7CpfZrEBsaQXAXN0+HD7govwJ
6b9JpWuUyAHiV/k5dmHPrUxJhF2H90v9E4rFibu1rrZnsL8TMiAOoEuWk+wC7Pr6
LvdsVMVVZ8wSA2XBPcc7hqd3oUp0CFtdMwFEQoreruMhHSm+roNyF+s+j0WC1iSY
5Ar7Kjblhs1pnTcGPATAaXfJA2rlOnkg551cFvr1v0HN5qjlys/tXFPTR/wklys3
ZhqTjmKcGKPgSJpMW0ABCWFz5Q==
-----END CERTIFICATE-----
Generated at Wed Jun 26 15:02:38 2024 by rpki-client on console-fra.rpki-client.org